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The MAILING DATE of this communication appears on the cover shoet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 26 August 2005 . 
2a)n This action is FINAL. 2b)l3 This action is non-final. 

3) n Since this application is in condition for allowance except for fonnal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) IEI Claim(s) 1-50 is/are pending In the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) 13 Claim(s) 1-50 is/are rejected. 

/)□ Claim(s) is/are objected to. . 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 12 February 2002 is/are: a)l3 accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the con-ection is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or fonm PTO-152. 

Priority under 35 U.S.C. § 119 

12) n Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2, n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been recejved in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) 13 Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) [U Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) 13 Information Disclosure Statement(s) {PTO-1449 or PTO/SB/08) 5) □ Notice of Informal Patent Application {PTO-1 52) 

Paper No(s)/Mall Date see attached . 6) □ Other: . 

U.S. Patent and Trademartc Office ' * " " ' ' 

PTOL-326 (Rev. 7-05) Office Action Summary Part of Paper No./Mail Date 1 00205 . 
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DETAILED ACTION 
Priority 

1 . Acknowledgment is made of applicant's claim for foreign priority under 35 
U.S.C. 119(e). 

Information Disclosure Statement 

2. The information disclosure statements submitted on August 26, 2005 and June 
1 1 , 2002 are in compliance with the provisions of 37 CFR 1 .97. Accordingly, the 
information disclosure statement is being considered by the examiner. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims 1 5 and 1 6 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 15 contains the trademark/trade name "Microsoft Office" and "Microsoft 
Windows". Where a trademark or trade name is used in a claim as a limitation to 
identify or describe a particular material or product, the claim does not comply with the 
requirements of 35 U.S.C. 112, second paragraph. See Ex parte Simpson, 218 
USPQ 1020 (Bd. App. 1982). The claim scope is uncertain since the trademark or trade 
name cannot be used properly to identify any particular material or product. A 
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trademark or trade name is used to identify a source of goods, and not the goods 
themselves. Thus, a trademark or trade name does not identify or describe the goods 
associated with the trademark or trade name. In the present case, the trademark/trade 
name is used to identify/describe software products and, accordingly, the 
identification/description is indefinite. 



Claim Rejections - 35 USC § 101 

5. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

6. Claims 1-39 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. The claims recite of software alone and of 
itself that is not tangibly embodied. The Examiner suggests that claims 1-23 be 
amended to recite of a " computer imolemented method" and claims 24-39 be amended 
to recited of a "software product stored on a computer readable medium " 



Claim Rejections - 35 USC § 102 

7. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international applicatfon filed under the treaty defined in sectbn 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty In the English language. 
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8. Claims 1-50 are rejected under 35 U.S.C. 102(e) as being anticipated by England 
et al, U.S. Patent 6,775,779. 

As per dainre 1 and 24, it Is disclosed by England et al of a method and a 
software product for securing a file, the method comprising launching an application 
when a request to access the file is received, determining, in an operating system 
supporting the application, whether the file being accessed is secured, when the file Is 
determined to be secured, activating a cipher module and loading the file through the 
cipher module Into the application, when the file is determined to be non-secured, 
loading the file into the application without activating the cipher module (col. 2, line 66 
through col. 3, line 13 and col. 9, line 55 through col. 10, line 5). 

As per claim 2, England et al teaches that the cipher module, once activated, 
operates within the operating system (col. 10, lines 28-36). 

As per claim 3, England et al recites that the cipher module, once activated, 
operates transparently to a user requesting an access to the file (col. 10, lines 28-36). 

As per claims 4 and 25, England et al teaches that the secured file includes a 
header and an encrypted portion, the header including or pointing to security 
information including a file key that, once obtained, can be used to decrypt the 
encrypted portion (col. 14, lines 18-35). 

As per claims 5 and 26, England et al discloses of determining of whether the file 
being accessed is secured comprises determining if the file being accessed includes the 
header (col. 14, lines 18-35). 
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As per claim 6, England et al teaches that the header further includes a flag 
indicating that the file being accessed is secured, and wherein the determining of 
whether the file being accessed is secured comprises determining if the file has the flag 
(col. 2, line 66 through col. 3 and col. 14, lines 18-35). 

As per claims 7 and 27, the teachings of England et al recite wherein the loading 
of the file through the cipher module Into the application comprises retrieving the file 
key, decrypting the encrypted portion with the file key in the cipher module, and sending 
the file in clear mode to the application (col. 14, lines 1 8-35). 

As per claims 8 and 28, it is disclosed by England et al that the security 
information including the file key is encrypted with a user key, and wherein the retrieving 
of the file key comprises obtaining a user key associated with a user requesting an 
access to the file, and decrypting the encrypted security information with the user key to 
retrieve the file key (col. 14, lines 18-35). 

As per claims 9 and 29, England et al discloses that the security information 
further includes access rules controlling how and who the secured file can be accessed 
(col. 6, lines 33-45). 

As per claims 10 and 30, the teachings of England et al recite wherein the 
loading of the file through the cipher module into the application only happens when 
access privilege of the user is within permissions granted by the access rules (col. 6, 
lines 33-45). 

As per claim 1 1 , England et al teaches of a method for securing a file, the 
method comprising maintaining a file key in a temporary memory space, encrypting the 
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file with the file key in a cipher module to produce an encrypted portion, preparing 
security information for the encrypted portion, the security Information being encrypted 
and including the file key and access rules to control access to the encrypted portion, 
and attaching the encrypted security information to the encrypted portion (col. 2, line 66 
through col. 3, line 13 and. col. 9, line 55 through col. 10, line 5). 

As per claim 12, England et al teaches of deleting the file key from the temporary 
memory space when the attaching of the encrypted security infonnation to the 
encrypted portion is complete (col. 10, lines 28-56). 

As per claim 13, England et al discloses that wherein the encrypting of the file 
with the file key, the preparing of the security information, and the attaching of the 
encrypted security information happen whenever the file is caused to be stored in a 
storage space (col. 14, lines 18-35). 

As per claim 14, It is disclosed by England et al wherein the encrypting of the file 
with the file key, the preparing of the security infornnation, and the attaching of the 
encrypted security information happen upon receiving an instruction from an application 
or an operafing system supporting the application (col. 10, lines 28-36 and col. 14, lines 
18-35). 

As per claim 15, England et al teaches wherein the application is provided in 
Microsoft Office and the operating system is Microsoft Windows (col. 5, lines 15-20). 

As per claim 16, it is disclosed by England et al that the instruction is one of (i) 
Save, (ii) Close and (iii) Exit, all provided in the application (col. 10, lines 28-36). 
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As per claim 17, England et a! teaches that the instruction is generated from an 
automatic operation of saving the file being opened Into the storage space, the 
automatic operation is either triggered by the application itself or the operating system 
(col. 10, lines 28-56). 

As per claim 18, England et al recites of encrypting the security information with 
a user key associated with a member selected from a group consisting of a user, a 
device, a software module, and a group of users (col. 14, lines 18-35). 

As per claim 19, England et al teaches wherein the access rules in the security 
infornration comprises user information identifying who can assess the encrypted 
portion and how the encrypted portion can be accessed (col. 6, lines 33-45). 

As per claim 20, England et al discloses a method for providing access control to 
a file, the method comprising launching an application under an operating system when 
a request to access the file is received, fonwarding the request to a file system manager 
in the operating system, activating a document securing module by the file system 
manager to determine whether the file being accessed is secured, activating a cipher 
module when the file is determined to be secured, and loading the file through the 
cipher module into the application (col. 2, line 66 through col. 3, line 13 and col. 9, line 
55 through col. 10, line 5). 

As per claim 21, England et al recites of retrieving security information from the 
file when the file is determined to be secured, the security information including a file 
key and access rules, and obtaining an access privilege of a user requesting to access 
the file (col. 6, lines 33-45). 
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As per claim 22. the teachings of England et al recite wherein the activating of 
the cipher module proceeds successfully when the access privilege is within 
permissions granted by the access rules (col. 6, lines 33-45). 

As per claim 23, it is disclosed by England et al wherein the activating of the 
cipher module comprises decrypting an encrypted portion of the secured file with the file 
key (col. 2, line 66 through col. 3, line 13 and col. 14, lines 18-35). 

As per claim 31 , England et al teaches of a software product including computer 
instructions for securing a file, the instructions, when executed by a processor, cause 
the processor to perform operations of maintaining a file key in a temporary memory 
space, encrypting the file with the file key in a cipher module to produce an encrypted 
file, wherein the file has been opened with an application and the cipher module 
operates transparently as far as a user executing the application is concerned, and 
storing, in a storage space, a secured file including the encrypted file and a header, 
wherein the header includes or points to security information including the file key (col. 
2, line 66 through col. 3, line 13 and col. 9, line 55 through col. 10, line 5). 

As per claim 32, England et al discloses of deleting the file key from the 
temporary memory space when the application is caused to close the file (col. 10, lines 
28-56). 

As per claim 33, England et al teaches wherein the encrypting of the file with the 
file key happens whenever the file is caused to be stored in the storage space (col. 10, 
lines 28-56). 
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As per claim 34, England et al recites wherein the encrypting of the file with the 
file key happens upon receiving an instruction from the application or an operating 
system supporting the application (col. 10, lines 28-56 and col. 14, lines 18-35). 

As per claim 35, England et al teaches wherein the instruction Is one of (i) Save, 
(ii) Close and (ill) Exit, all provided in the application (col. 10, lines 28-36). 

As per claim 36. England et al discloses wherein the instruction is generated 
from an automatic operation of saving the file being opened into the storage space, the 
automatic operation is either triggered by the application itself or the operating system 
(col. 10, lines 28-56). 

As per claim 37, England et al discloses wherein the security information further 
includes access rules of how and who the secured file can be accessed (col. 6, lines 33- 
45). 

As per claim 38, it is taught by England et al of encrypting the security 
information with a user key associated with a member selected from a group consisting 
of a user, a device, a software module, and a group (col. 14, lines 18-35). 

As per claim 39, England et al recites of attaching the header to the encrypted 
file, wherein the header includes the security information encrypted in addition to a flag 
indicating that the file is secured (col. 14, lines 18-35). 

As per claim 40, England et al teaches of a computing device for securing a file, 
the computing device comprising an application, when executed, accessing the file that 
includes security information and an encrypted portion, the security information further 
including a file key and access rules, and the encrypted portion being an encrypted 
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version of the file, a cipher module activating upon determining that the file being 
accessed is secured, wherein the security Information is encrypted and can be 
decrypted with a user key when authenticated; and wherein the file key can be retrieved 
to decrypt the encrypted portion only after the access rules have successfully measured 
against access privilege of the user (col. 2, line 66 through col. 3, line 13; col. 9, line 55 
through col. 10, line 5; and col. 6, lines 33-45). 

As per claim 41 , England et al discloses of an operating system supporting 
operations of the application, and wherein the cipher module is embedded in the 
operating system (col. 10, lines 28-36). 

As per claim 42, England et al discloses wherein the cipher module operates in 
a path through which the file is caused to pass when accessed by the application (col. 
10, lines 28-56). 

As per claim 43, England et al teaches that the computing device further 
including a memory space and a storage space, and wherein the file key is temporarily 
kept in the memory space when the file is successfully loaded into the application (col. 
10, lines 28-56). 

As per claim 44, it is disclosed by England et al wherein the file key is deleted 
from the memory space as soon as the file is wrote back to the storage space (col. 10, 
lines 28-56). 

As per claim 45, England et al teaches wherein the user key becomes 
authenticated only when the user is authenticated by an authentication process to verify 



Application/Control Number: 10/074.996 Page 1 1 

Art Unit: 2131 

who the user claims to be (col. 1 1 , line 55 through col. 12, line 5 and col. 13, lines 60- 
66). 

As per claim 46, England et al discloses wherein the computing device is coupled 
to another computing device over a data network, the user key becomes authenticated 
only after the user is successfully logged from the computing device into the another 
computing device (col. 11, line 55 through col. 12, line 5 and col. 13, lines 60-66) 

As per claim 47, England et al teaches wherein the computing device is provided 
with means for capturing biometric data of the user, the user key becomes 
authenticated only after the biometric data is successfully verified to support who the 
user claims to be (col. 11, line 55 through col. 12, line 5 and col. 13, lines 60-66). 

As per claim 48, it is taught by England et al wherein the user key becomes 
authenticated after the computing device receives credential information from the user 
(col. 11, line 55 through col. 12, line 5 and col. 13, lines 60-66). 

As per claim 49, England et al discloses wherein the credential information 
includes one of a password entered by the user, biometric infornnation of the user, 
personalized information about the user (col. 1 1 , line 55 through col. 12, line 5 and col. 
13, lines 60-66). 

As per claim 50, England et al recites wherein the biometric information is 
captured from a device coupled to the computing device (col. 1 1 , line 55 through col. 
12, line 5 and col. 13, lines 60-66). 
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Conclusion 



9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher A. Revak whose telephone number is .571- 
272-3794. The examiner can normally be reached on Monday-Friday, 6:30am-3:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300, 

Information regarding the status of an application may be obtained from the 
Patent Application Infornnation Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Christopher Revak 
Primary Examiner 
AU2131 





